##########################################################################
# $Id$
##########################################################################
# $Log: saslauthd,v $
# Revision 1.4 2008/06/30 23:07:51 kirk
# fixed copyright holders for files where I know who they should be
#
# Revision 1.3 2008/03/24 23:31:26 kirk
# added copyright/license notice to each script
#
# Revision 1.2 2005/02/24 17:08:05 kirk
# Applying consolidated patches from Mike Tremaine
#
# Revision 1.2 2005/02/16 00:43:28 mgt
# Added #vi tag to everything, updated ignore.conf with comments, added emerge and netopia to the tree from Laurent -mgt
#
# Revision 1.1 2005/02/13 23:50:42 mgt
# Tons of patches from Pawel and PLD Linux folks...Thanks! -mgt
#
# Revision 1.2 2004/10/02 14:21:47 blues
# - fix
#
# Revision 1.1 2004/10/02 14:16:50 blues
# - initial version of saslauthd filter.
#
##########################################################################
#######################################################
## Copyright (c) 2008 Pawe³ Go³aszewski
## Covered under the included MIT/X-Consortium License:
## http://www.opensource.org/licenses/mit-license.php
## All modifications and contributions by other persons to
## this script are assumed to have been donated to the
## Logwatch project and thus assume the above copyright
## and licensing terms. If you want to make contributions
## under your own copyright or a different license this
## must be explicitly stated in the contribution an the
## Logwatch project reserves the right to not accept such
## contributions. If you have made significant
## contributions to this script and want to claim
## copyright please contact logwatch-devel@lists.sourceforge.net.
#########################################################
########################################################
# This was written by:
# Pawe³ Go³aszewski <blues@ds.pg.gda.pl>
#
# Please send all comments, suggestions, bug reports,
# logwatch-devel@lists.sourceforge.net
#
########################################################
my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
$AuthFailures = 0;
$Startups = 0;
$Shutdowns = 0;
while (defined($ThisLine = <STDIN>)) {
if (
( $ThisLine =~ m/^DEBUG: / ) or
( $ThisLine =~ m/^ipc_init : listening on socket:/ ) or
( $ThisLine =~ m/^pam_sm_authenticate:/ ) or
( $ThisLine =~ m/^pam_\w+\(\w+:auth\): / )
) {
# We don't care about these
} elsif ( ($User,$Service,$Realm,$Mechanism,$Reason) = ($ThisLine =~ /^do_auth : auth failure: \[user=(.*)\] \[service=([^ ]*)\] \[realm=([^ ]*)\] \[mech=([^ ]*)\] \[reason=(.*)\]$/) ) {
$AuthFailures++;
$AuthFailServiceCount{"$Service ($Mechanism)"}++;
$AuthFailRealmCount{"$Service ($Mechanism)"}{$Realm}++;
$AuthFail{"$Service ($Mechanism)"}{$Realm}{"$User - $Reason"}++;
} elsif ( $ThisLine =~ m/^detach_tty : master pid is: \d+$/) {
$Startups++;
} elsif ( $ThisLine =~ m/^server_exit : master exited: \d+$/) {
$Shutdowns++;
} else {
push @OtherList,$ThisLine;
}
}
##################################################################
if ($Startups > 0) {
print "Startups: $Startups\n";
}
if ($Shutdowns > 0) {
print "Shutdowns: $Shutdowns\n";
}
if (keys %AuthFail) {
print "\nSASL Authentications failed $AuthFailures Time(s)\n";
foreach $Service (sort {$a cmp $b} keys %AuthFail) {
print "Service $Service - $AuthFailServiceCount{$Service} Time(s):\n";
foreach $Realm (sort {$a cmp $b} keys %{$AuthFail{$Service}} ) {
print " Realm $Realm - $AuthFailRealmCount{$Service}{$Realm} Time(s):\n";
foreach $User (sort {$a cmp $b} keys %{$AuthFail{$Service}{$Realm}} ) {
print " User: $User - $AuthFail{$Service}{$Realm}{$User} Time(s):\n";
}
}
}
}
if ($#OtherList >= 0) {
print "\n\n**Unmatched Entries**\n\n";
print @OtherList;
}
exit(0);
# vi: shiftwidth=3 tabstop=3 syntax=perl et
# Local Variables:
# mode: perl
# perl-indent-level: 3
# indent-tabs-mode: nil
# End: